Vulnerability Reporting Lead

Citi

Location:
Hungary, Budapest

Contract Type:
Not provided

Salary:
Not provided

Job Description:

Within CISO, the Vulnerability Operations Team is responsible for managing and improving the Vulnerability Management Process globally, providing oversight and coordination for the highest criticality vulnerabilities (GEMs), and managing the vulnerability lifecycle for technology products owned within the Chief Information Security Office (CISO). The Vulnerability Operations team was recently formed to lead the operational response to the most critical cybersecurity vulnerabilities, known as GEMs, and to drive tactical and strategic improvements to the Vulnerability and Threat Management Process. Operational response efforts include end-to-end oversight of the data flow and GEMs/potential GEMs, escalations for past-due vulnerabilities, and providing stakeholders with actionable data and dashboarding to aid in the visualization of risk and remediation efforts needed.

Job Responsibility:

  • Drive vulnerability reporting and engagement program enhancements
  • Rationalize tooling and initiatives for vulnerability lifecycle management and reporting
  • Develop relationships with sectors to resolve aging critical vulnerabilities on assets within Citi
  • Prioritize various business requirements for enhancements to vulnerability management program
  • Analyze data to identify trends, opportunities and deliver audit/regulatory deliverables
  • Work with vulnerability lifecycle managers, Asia and Europe-based operations and application support teams to analyze requirements, design and develop specs and manage data which supplies information to all vulnerability threat reporting and analysis
  • Lead Europe-based level one support team, responsible for basic troubleshooting and providing clarity to data consumers on steps required for vulnerability remediation
  • Implement identified process improvements

Requirements:

  • 5+ years in vulnerability management or information security reporting functions
  • Strong project management skills
  • Familiar with management of development items in Jira
  • Strong communication skills
  • Familiarity with Vulnerability Assessment tools, e.g., Nessus, Qualys, etc.
  • OS Security, e.g., Unix, Linux, Windows, Cisco, etc.
  • Web application infrastructure, e.g., Application Servers, Web Servers, Databases
  • Web development and programming languages i.e., Python, Perl, Ruby, Java, and/or .Net
  • Business Intelligence tools
  • SQL scripting and advanced Excel skills
  • Strong work ethic and a proactive mindset with ability to think “outside of the box” to solve problems
  • Fluency in English
  • Experience solving complex data flow challenges
  • Advanced knowledge of complex queries for data analysis
  • Experience with at least one coding language (PowerShell, Python, C#, etc.)
  • Experience in automation and optimization of repetitive processes and reporting
  • Bachelor’s degree/University degree or equivalent experience

What we offer:

  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work-life balance
  • Career progression opportunities across geographies and business lines
  • Socially active employee communities with diverse networking opportunities

Additional Information:

Job Posted:
April 30, 2025

Employment Type:
Fulltime
Work Type:
Hybrid work

Similar Jobs for Vulnerability Reporting Lead

Vulnerability Management Technical Lead

The role includes managing and optimizing vulnerability management workflows usi...
Location:
India, Bengaluru
Salary:
Not provided
Sopra Steria
Expiration Date:
Until further notice
Requirements:
  • 4 to 8 years of experience
  • engineering graduate - preferably B.E./B.Tech in IT or Computer Engineering
  • strong analytical skills
  • experience with security information and event management (SIEM) tools
  • ~5 years of experience in information security, specifically in end-to-end vulnerability management with 2-3 years hands-on Rapid7 experience
  • advanced degrees or certifications preferred
  • knowledge of current cybersecurity trends, threats, and techniques
  • understanding of regulatory requirements
  • ability to work independently and collaboratively
  • good interpersonal and communication skills
Job Responsibility:
  • ensure that Rapid7 is fully and effectively implemented
  • assist with design, implementation, and optimization of automated tagging workflows
  • build and refine InsightVM dashboards and reports for insights
  • integrate Rapid7 with external systems for accurate asset context and automated remediation ticket creation
  • collaborate with IT teams to reduce false positives and orphaned assets
  • implement and support scan scheduling and tuning
  • assist in risk acceptance workflows
  • troubleshoot scan and synchronization issues
  • drive process improvements in vulnerability management workflow
  • deliver security reports and presentations
What we offer:
  • inclusive and respectful work environment
  • positions open to people with disabilities
Employment Type:
Fulltime

Director, Vulnerability Management

The Director of Vulnerability Management takes full accountability for running t...
Location:
United States, Philadelphia
Salary:
Not provided
Comcast
Expiration Date:
Until further notice
Requirements:
  • 6-8 years experience of leading, mentoring, and growing high-performing teams within the vulnerability management domain
  • Proven experience managing vulnerability management programs at enterprise scale
  • Ability to respond quickly to emerging vulnerabilities and implement immediate remediation measures
  • Comfortable operating under high-pressure conditions with competing priorities
  • Strong technical expertise in vulnerability management platforms and scanning technologies
  • Executive presence with the ability to engage and influence senior leadership effectively
  • Expertise in reporting and metrics to drive accountability and transparency
  • Strong problem-solving and analytical skills to assess risk and develop mitigation strategies
  • Ability to lead complex projects and collaborate across multiple business units
  • Bachelor's Degree
Job Responsibility:
  • Leads projects, or delegates and supervises project leaders, for security initiatives involving the hardware and application systems
  • Leads and is accountable for scanning operations, data and metrics, and leading projects in the overall VM landscape
  • Maintain, configure and operate the vulnerability management platforms to optimal levels
  • A strong focus on reporting and metrics to ensure that risk is constantly being addressed and programs are in place to continuously improve the security posture of Comcast from a vulnerability management perspective
  • A strong and confident people leader that aligns to Comcast values and helps to coach, mentor and grow the team
  • Works in close alignment with internal Security Development Lifecycle (SDL) coaches and our security leads to help drive down vulnerabilities across the enterprise
  • Collaborates with other Information Technology departments and key business areas to ensure information security requirements are defined, documented, tested and delivered as part of project deliverables
  • Performs sophisticated analytical tasks to assess risk and determines strategies required to resolve issues, accurate technical security problems, or mitigate risk
  • Assists in the preparation of budgets and forecasts
  • Selects, develops and evaluates personnel to ensure efficient operations within department
What we offer:
  • Paid Time off
  • Physical Wellbeing benefits
  • Financial Wellbeing benefits
  • Emotional Wellbeing benefits
  • Life Events + Family Support benefits
Employment Type:
Fulltime

Cyber Defence Lead - Vulnerability & Disclosure Services

We are seeking an experienced cyber security professional to lead the Vulnerabil...
Location:
India, Bangalore
Salary:
Not provided
Vodafone
Expiration Date:
Until further notice
Requirements:
  • Experienced cyber security professional with deep expertise in vulnerability management and remediation
  • Background in managing large‑scale scanning and reporting programmes
  • Hands‑on proficiency with vulnerability management tools, specifically Qualys
  • Strong understanding of networking fundamentals and core security concepts
  • Knowledgeable in industry cyber security standards, governance frameworks, and policy structures
  • Skilled in leading distributed teams and fostering high-performance cultures
  • Capable of influencing senior stakeholders and guiding change across complex environments
  • Strong analytical capability to translate technical risk into business-focused insights
  • Excellent written, verbal, and executive communication skills
Job Responsibility:
  • Lead the Vulnerability Management and Responsible Disclosure services, ensuring alignment with Vodafone’s global policies and cyber strategy
  • Manage the full lifecycle of the Responsible Disclosure programme, including triage, validation, prioritisation, communication, and closure
  • Oversee vulnerability triage and prioritisation by applying strong risk‑based decision‑making and effective coordination with remediation teams
  • Drive improvements in automation, tooling effectiveness, and workflow optimisation to elevate efficiency and reduce manual workloads
  • Define, streamline, and own vulnerability management KPIs and reporting to offer transparent insights for leadership and stakeholders
  • Serve as a primary contact point for internal and external cyber security audits related to vulnerability management and disclosure processes
  • Lead cross-functional initiatives within Cyber Defence to enhance governance, delivery excellence, and operational maturity
  • Build, guide, and nurture a high-performing team through inclusive leadership, talent development, structured hiring, and succession planning
  • Promote strong engagement, continuous learning, and year‑on‑year improvements in team capability, efficiency, and retention
Employment Type:
Fulltime

Product Security Engineer

At Atlassian, we're motivated by a common goal: to unleash the potential of ever...
Location:
United States, San Francisco
Salary:
150700.00 - 206000.00 USD / Year
Atlassian
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree in Computer Science, Cybersecurity or related field
  • 24 months of experience working as Application Security Engineer, Product Security Engineer, or Penetration Tester
  • experience in application security tooling such as BurpSuite Pro, Postman, Docker, Command Line Interface (CLI) tools, Nmap, and Metasploit
  • understanding and coding common programming languages such as Java, Python, or Go
  • penetration testing, vulnerability assessment, composing and generating vulnerability reports
  • administering and managing Jira project
  • data analysis and data visualization tooling such as Tableau and Databricks
  • code versioning tools such as Bitbucket Cloud and GitHub
  • must pass technical interview
Job Responsibility:
  • Evaluate submissions from security researchers to bug bounty program, assess the impact of each vulnerability, and communicate with the researcher community to help obtain additional details that may be helpful to engineering teams as they work to remediate the issues
  • drive improvement to the policies, processes, and automation to make bug bounty programs effective and ensure to get the most accurate information about each vulnerability to the proper engineering team as quickly as possible
  • work on vulnerability management improvements on processes, policies and standards
  • make sure the company's products and services are safe and secure, the internal vulnerability management workflow is accurate and up to date
  • identify vulnerabilities at scale and help engineering teams systematically remediate them
  • work on securing open-source supply chain
  • interact with some of the world’s leading security researchers through bug bounty program
  • build cutting edge tools to help identify and remediate vulnerabilities at scale
  • work with web application security and a strong ability to work with colleagues to develop and build solutions to help us scale in order to be successful in this role
  • read and write code
What we offer:
  • health and wellbeing resources
  • paid volunteer days
Employment Type:
Fulltime

Head of cyber threat exposure and attack surface management

Lead the enterprise-wide Continuous Threat Exposure Management (CTEM) strategy, ...
Location:
United Kingdom, Knutsford
Salary:
Not provided
Barclays
Expiration Date:
Until further notice
Requirements:
  • Experience in cybersecurity with direct exposure to vulnerability management, red teaming, or threat exposure reduction
  • Proven track record leading programs integrating CSPM, SSPM, ASM, BAS, or exposure correlation technologies
  • Strong understanding of attack paths, adversary emulation, and continuous validation concepts
Job Responsibility:
  • Own and drive the global CTEM strategy, establishing a continuous, threat-driven exposure management lifecycle aligned with NIST, MITRE, and CISA Secure-by-Design principles
  • Lead and develop a high-performing CTEM team, fostering collaboration, technical excellence, and an outcome-driven culture
  • Integrate and oversee key exposure management technologies, including Cloud Security Posture Management (CSPM), SaaS Security Posture Management (SSPM), Attack Surface Management (ASM), Breach & Attack Simulation (BAS), and other exposure correlation platforms
  • Correlate assets, identity, vulnerability, and configuration to identify high-impact, exploitable attack paths and inform prioritized remediation strategies
  • Collaborate with Application Security, Vulnerability Management, Red Team, and Security Operations to synchronize discovery, validation, and remediation of exposures across the enterprise
  • Align CTEM outputs with real-world adversary behaviors, leveraging Red Team and Threat Intelligence input to validate attack paths and focus on exploitable conditions
  • Drive automation and AI-enabled analytics to continuously map, assess, and measure reductions in the organization’s attack surface
  • Translate technical findings into business risk language, enabling senior leadership and risk committees to make data-driven investment decisions
  • Define and lead CTEM governance and operating models, ensuring exposure assessments, validation, and remediation tracking are embedded in operational processes
  • Establish clear KRIs and maturity metrics that demonstrate continuous improvement in visibility, validation, and response effectiveness
What we offer:
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
Employment Type:
Fulltime

Qualys Threat and Vulnerability Management Cyber Security Advisor

This role will be responsible for assessing the security vulnerabilities & threa...
Location:
United States, Plano
Salary:
95000.00 - 140000.00 USD / Year
NTT DATA
Expiration Date:
Until further notice
Requirements:
  • 6+ years Security-Threat and Vulnerability-Vulnerability Remediation to include Researching, evaluating, scanning, reporting out on cyber security threats, incidents, and vulnerabilities (automated asset discovery, vulnerability management, threat prioritization, and remediation)
  • Must have Hands-on experience working with Vulnerability assessment tool, Qualys VMDR.
  • Must have client-facing experience
Job Responsibility:
  • Assessing the security vulnerabilities & threats identified by the infrastructure scan
  • Work with appropriate teams across the businesses and associated 3rd parties to ensure appropriate remediation plans are defined and implemented
  • Perform information system security vulnerability scanning to discover and analyze vulnerabilities and characterize risks to networks, operating systems, applications, databases, and other information system components
  • Perform compliance scanning to analyze configurations and facilitate implementation of configurations and hardening settings for networks, operating systems, applications, databases, and other information system components
  • Maintaining appropriate documentation that defines the Threat & Vulnerability Management Program, Policy and Procedures
  • Participate in the calls to resolve information security incidents, including internal events and targeted threats
  • Research, evaluate, and assess emerging cyber security threats, incidents, and vulnerabilities
  • Work with the stakeholders to develop and maintain a vulnerability intelligence process that monitors for emerging systems vulnerabilities
  • Prioritize the remediation of vulnerabilities based on their characteristics, such as threat intelligence, business criticality, and exploit maturity
  • Define minimum standards in relation to threat management and monitoring compliance across the businesses
What we offer:
  • medical, dental, and vision insurance
  • flexible spending or health savings account
  • life and AD&D insurance
  • short and long term disability coverage
  • paid time off
  • employee assistance
  • participation in a 401k program with company match
  • additional voluntary or legally-required benefits
  • incentive compensation based on individual and/or company performance
Employment Type:
Fulltime

Senior Audit Manager – Operational Resilience

The Senior Audit Manager is a senior-level management position responsible for m...
Location:
Canada, Mississauga
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • 10+ years of experience in a related role
  • Suitable Internal Audit Experience from a highly regulated industry
  • Audit experience in Operational Resilience and demonstrated ability to lead complex Operational Resilience engagements including assessment of important business services, impact tolerances, resource mapping and vulnerabilities identification and tracking
  • Experience of leading Audit team through audit engagements
  • Experience in business, functional and people management
  • Related certifications (CIA, CISA, CISSP, CRISC, or similar) preferred
  • Proven ability to execute concurrently on a portfolio of high-quality deliverables according to strict timetables
  • Demonstrated ability to implement continuous improvement and innovation in audit tools and techniques
  • Strong stakeholder management skills
  • Effective negotiating, influencing and relationship management skills
Job Responsibility:
  • Manage a team of Internal Audit professionals, recruit staff, lead professional development, build effective teams and manage a budget
  • Deliver audit reports, Internal Audit and Regulatory issue validation and business monitoring and governance committee reports
  • Lead reviews for all types of reviews, including the most complex, and review and approve Business Monitoring Quarterly Summaries
  • Participate in major business initiatives and pro-actively advise and assist the business on change initiatives
  • Implement integrated auditing concepts and technology, and follow trends in the Audit field and adapt them for the Audit function
  • Identify solutions for a variety of complex and unique control issues, utilizing complex judgement and sophisticated analytical thought
  • Analyze report findings, and recommend interventions where needed, proposing creative and pragmatic solutions to risk and control issues
  • Partner with Directors and Managing Directors to develop approaches for addressing broader corporate emerging issues
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of others and create accountability with those who fail to maintain these standards
Employment Type:
Fulltime

Mid-Level Cyber Security Engineer

We are seeking a Mid-Level Cyber Security Engineer to provide expert cyber domai...
Location:
United States, Washington, DC
Salary:
Not provided
Robert Half
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree + 12+ years of related experience
  • Master’s degree + 10+ years of related experience
  • Ph.D. degree + 7+ years of related experience
  • 15+ years of related experience without a degree
  • Experience conducting site surveys for IT equipment (racks, desktop PC environments)
  • Experience installing IT hardware in 24/7 operational environments
  • Strong understanding of: Cybersecurity assessments
  • Incident response
  • Risk & vulnerability assessment
  • Cyber threat analysis
Job Responsibility:
  • Conduct and review complex cybersecurity assessments
  • Identify system vulnerabilities and areas of non‑compliance with cybersecurity standards
  • Recommend mitigation strategies and risk‑reduction approaches
  • Perform research, evaluation, and development in advanced cybersecurity areas
  • Perform and maintain vulnerability scans, generating clear reports for leadership
  • Track and report Information Assurance Vulnerability Management (IAVM) compliance
  • Support incident response teams with domain-specific expertise
  • Maintain a library of security audit tools and related testing processes
  • Review and update Authorization to Operate (ATO) documentation
  • Manage and report Plan of Action & Milestones (POA&M) compliance
What we offer:
  • medical
  • vision
  • dental
  • life and disability insurance
  • eligible to enroll in our company 401(k) plan